On 2/20/07, Brian Keefer <[EMAIL PROTECTED]> wrote:
In the case of a greylisting type of solution, it seems that identification would be especially devastating since the work-around is so trivial. Unless my understanding is very wrong, the whole effectiveness of the solution depends on the spammers not realizing the difference between a "normal" MTA and one that greylists.
The reason that greylisting has been effective is because spammers apparently don't waste resources on maintaining queues and attempting redelivery later. Why worry about redelivery to 500 temporarily failed recipients when in the same time and processor cycles you can delivery to 500,000 more mailboxes? It (in practice, apparently) matters not to the spammer if they've got an antispam measure returning a 45x error or a legitimate MTA. If you were a spammer, and thought that working around 450s from spamd was worth wasting resources on to reattempt delivery, why wouldn't you just reattempt delivery on any temporary error under the hopes that it will succeed? By definition a temporary error will go away at some point if you reattempt delivery. For every point that someone has brought up against greylisting (from since it was originally proposed by Harris in 2003), it continues to work effectively. So while people adopts this sky-is-falling-spammers-will-figure-it-out-soon mentality, the numbers don't lie. Greylisting has been, still is, and will continue to be for some time at least an effective measure. DS
